Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

usbus/hid: fix buffer overflow in hid_io #18860

Merged
merged 1 commit into from
Nov 11, 2022
Merged

usbus/hid: fix buffer overflow in hid_io #18860

merged 1 commit into from
Nov 11, 2022

Conversation

Ollrogge
Copy link
Contributor

@Ollrogge Ollrogge commented Nov 9, 2022

Contribution description

This PR fixes a potential buffer overflow inside usb_hid_io_write which occurs when len > CONFIG_USBUS_HID_INTERRUPT_EP_SIZE.

@github-actions github-actions bot added Area: sys Area: System Area: USB Area: Universal Serial Bus labels Nov 9, 2022
dylad
dylad reviewed Nov 9, 2022
View reviewed changes
Copy link
Member

@dylad dylad left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Changes make sense to me. I didn't test it yet but I should be able to do some tests tomorrow.

Spot some optimizations that can be made at the same time.

sys/usb/usbus/hid/hid_io.c Outdated Show resolved Hide resolved
sys/usb/usbus/hid/hid_io.c Show resolved Hide resolved
sys/usb/usbus/hid/hid_io.c Outdated Show resolved Hide resolved
@dylad
Copy link
Member

dylad commented Nov 10, 2022

@Ollrogge Feel free to squash !

dylad
dylad approved these changes Nov 10, 2022
View reviewed changes
Copy link
Member

@dylad dylad left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ACK.

@dylad dylad added the CI: ready for build If set, CI server will compile all applications for all available boards for the labeled PR label Nov 10, 2022
@riot-ci
Copy link

riot-ci commented Nov 10, 2022

Murdock results

✔️ PASSED

0f9577d usbus/hid: fix buffer overflow in hid_io

Success Failures Total Runtime
2002 0 2002 06m:37s

Artifacts

This only reflects a subset of all builds from https://ci-prod.riot-os.org. Please refer to https://ci.riot-os.org for a complete build for now.

@dylad dylad enabled auto-merge November 10, 2022 21:29
@maribu maribu added the Process: needs backport Integration Process: The PR is required to be backported to a release or feature branch label Nov 10, 2022
@dylad dylad merged commit 43d1f19 into RIOT-OS:master Nov 11, 2022
@maribu maribu mentioned this pull request Nov 11, 2022
Merged
@maribu
Copy link
Member

maribu commented Nov 11, 2022

Backport provided in #18889

@kaspar030 kaspar030 added this to the Release 2023.01 milestone Jan 19, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dylad dylad dylad approved these changes

@bergzand bergzand Awaiting requested review from bergzand bergzand is a code owner

@aabadie aabadie Awaiting requested review from aabadie aabadie is a code owner

Assignees
No one assigned
Labels
Area: sys Area: System Area: USB Area: Universal Serial Bus CI: ready for build If set, CI server will compile all applications for all available boards for the labeled PR Process: needs backport Integration Process: The PR is required to be backported to a release or feature branch
Projects
None yet
Milestone
Release 2023.01
Development

Successfully merging this pull request may close these issues.
5 participants
@Ollrogge @dylad @riot-ci @maribu @kaspar030